Friday, June 10, 2011

Active Directory – Container objects


 

Container Objects:-

1. Forest
2. Domain Trees
3. Domains
4. OUs

Forest:-
The forest is the largest container object in Active Directory. The forest container defines the fundamental security boundary within Active Directory, which means that users can access resources across an AD forest using a single logon/password combination. An additional logon would be required to access resources across more than one forest.

To improve the efficiency of Active Directory, its information is divided into multiple partitions, also called naming contexts (NCs). Each domain controller's copy of the ntds.dit database file contains a minimum of three naming contexts. The following two naming contexts are replicated forest-wide and are thus stored in the ntds.dit file on every domain controller in a forest.

1. Schema NC (or) schema partition
2. Configuration NC (or) configuration partition


Schema NC:-

The schema partition, or schema NC, contains the rules and definitions that are used for creating and modifying object classes and attributes within Active Directory.

Configuration Partition:-

The configuration partition, or configuration NC, contains information about the physical topology of the network as well as other configuration data that must be replicated throughout the forest.

Because the schema NC is replicated forest-wide, each AD forest has a single schema that is shared by every domain and domain tree within the forest. The information in the configuration NC is similarly shared by all domains in a single forest.

Each domain controller also stores a copy of the domain NC, which is replicated to each DC within a single domain. The domain NC consists of user, computer and other resource information for a particular Active Directory domain.
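The three naming contexts described above are advertised by every domain controller in its rootDSE entry, so they can be checked from an LDAP dump. The Python sketch below is an added example, not part of the original post: it reads rootDSE attributes in LDIF form, labels each naming context with its replication scope, and reports any of the three that is missing. The forest name `corp.example` and the sample data are constructed for illustration.

```python
# Constructed sample: rootDSE attributes in LDIF form for a hypothetical
# forest "corp.example" (not output from a real domain controller).
SAMPLE_ROOTDSE = """\
dn:
namingContexts: DC=corp,DC=example
namingContexts: CN=Configuration,DC=corp,DC=example
namingContexts: CN=Schema,CN=Configuration,DC=corp,DC=example
defaultNamingContext: DC=corp,DC=example
schemaNamingContext: CN=Schema,CN=Configuration,DC=corp,DC=example
configurationNamingContext: CN=Configuration,DC=corp,DC=example
"""

# rootDSE attribute (lowercased) -> (partition named in the post, replication scope)
ROLE_ATTRS = {
    "schemanamingcontext": ("Schema NC", "forest-wide"),
    "configurationnamingcontext": ("Configuration NC", "forest-wide"),
    "defaultnamingcontext": ("Domain NC", "domain-wide"),
}

def parse_ldif_attrs(text):
    """Collect 'attr: value' lines into {lowercased attr: [values]}."""
    attrs = {}
    for line in text.splitlines():
        name, sep, value = line.partition(":")
        if sep and value.strip():
            attrs.setdefault(name.strip().lower(), []).append(value.strip())
    return attrs

def classify_naming_contexts(text):
    """Return (dn, role, scope) for every naming context the DC advertises."""
    attrs = parse_ldif_attrs(text)
    by_dn = {attrs[a][0].lower(): role for a, role in ROLE_ATTRS.items() if a in attrs}
    other = ("other partition", "not described in this post")
    return [(dn, *by_dn.get(dn.lower(), other)) for dn in attrs.get("namingcontexts", [])]

def missing_partitions(text):
    """Names of the three expected partitions that the DC does not list."""
    found = {role for _, role, _ in classify_naming_contexts(text)}
    return [role for role, _ in ROLE_ATTRS.values() if role not in found]

if __name__ == "__main__":
    for dn, role, scope in classify_naming_contexts(SAMPLE_ROOTDSE):
        print(f"{role:17} {scope:12} {dn}")
    print("missing:", missing_partitions(SAMPLE_ROOTDSE) or "none")
```

Comparing this output across the domain controllers of one forest should show identical schema and configuration DNs on every DC, while the domain NC differs per domain.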

In my next post I will explain the components of domain trees, domains and OUs.